﻿Imports Microsoft.VisualBasic
Imports System.Collections.Generic

''' <summary>
''' 呼叫 ToString 時自動添加權限SQL語法
''' </summary>
''' <remarks></remarks>
Public Class MyAuthStringBuilder
    Inherits MyStringBuilder

    Private url As String
    Private userID As String
    Private tableName As String

    Public Sub New()

    End Sub

    Public Sub New(ByVal tableName As String)
        Me.tableName = tableName
    End Sub

    Private WaitAppendList As New List(Of String)

    Public Overrides Function AppendFormat(ByVal format As String, ByVal ParamArray args() As Object) As System.Text.StringBuilder
        'Order by 子句要最後再加入
        If format.Contains("order by") = True Then
            Dim s As New StringBuilder

            s.AppendFormat(format, args)

            Me.WaitAppendList.Add(s.ToString())
        Else
            Return MyBase.AppendFormat(format, args)
        End If


    End Function

    Public Overrides Function ToString() As String
        Dim modified As New StringBuilder
        Dim authTableName As String


        '特例處理
        '志工隊長在服務時數管理，可見屬於本區(直屬單位)之資料
        '志工隊長權限改由角色管理設定
        If False Then
            'If Me.tableName = "ManageWorkRecord" Or clsAuth.GetProgramUrl().Contains("ManageWorkRecord") Then
            '    Dim sql As New StringBuilder
            '    Dim dat As New clsData

            '    Using scope As New Transactions.TransactionScope
            '        sql.Length = 0
            '        sql.AppendFormat("select top 0 * into #CustomUserOrganizationAuth from CustomUserOrganizationAuth ")
            '        sql.AppendFormat("insert #CustomUserOrganizationAuth (UserID, OrganizationID, VOrganizationID,AddAccess,EditAccess,DeleteAccess,QueryAccess,PrintAccess,AdminAccess) ")
            '        sql.AppendFormat("select v.VolunteerID, vo.DirectOrganizationID, -1 ")
            '        sql.AppendFormat(", 'N' as AddAccess ")
            '        sql.AppendFormat(", 'N' as EditAccess ")
            '        sql.AppendFormat(", 'N' as DeleteAccess ")
            '        sql.AppendFormat(", 'N' as QueryAccess ")
            '        sql.AppendFormat(", 'N' as PrintAccess ")
            '        sql.AppendFormat(", 'Y' as AdminAccess ")
            '        sql.AppendFormat("from VolunteerView v ")
            '        sql.AppendFormat("inner join VOrganizationView vo on v.VOrganizationID = vo.VOrganizationID ")
            '        sql.AppendFormat("inner join RoleUserMappingView ru on v.VolunteerID = ru.UserID ")
            '        sql.AppendFormat("where v.VolunteerID = '{0}' ", clsAuth.GetUserID())
            '        sql.AppendFormat("and ru.RoleName = 'VolunteerLeader' ")

            '        dat.AccData(sql)

            '        clsAuth.BuildCustomOrganizationAuth(clsAuth.GetUserID())

            '        scope.Complete()
            '    End Using

            '    authTableName = "CustomUserOrganizationAuth"
        Else
            authTableName = "UserOrganizationAuth"
        End If

        modified.Length = 0
        modified.AppendFormat("select o.* ")
        modified.AppendFormat(", case when AddAccess = 'Y' or EditAccess = 'Y' or DeleteAccess = 'Y' or QueryAccess = 'Y' or PrintAccess = 'Y' or AdminAccess = 'Y' then 'Y' else 'N' end as HaveAccess ")
        modified.AppendFormat("from ( ")
        modified.AppendFormat("select o.* ")
        modified.AppendFormat(", case when pa.AddAccess = 'Y' and oa.AddAccess = 'Y' then 'Y' else 'N' end as AddAccess ")
        modified.AppendFormat(", case when pa.EditAccess = 'Y' and oa.EditAccess = 'Y' then 'Y' else 'N' end as EditAccess ")
        modified.AppendFormat(", case when pa.DeleteAccess = 'Y' and oa.DeleteAccess = 'Y' then 'Y' else 'N' end as DeleteAccess ")
        modified.AppendFormat(", case when pa.QueryAccess = 'Y' and oa.QueryAccess = 'Y' then 'Y' else 'N' end as QueryAccess ")
        modified.AppendFormat(", case when pa.PrintAccess = 'Y' and oa.PrintAccess = 'Y' then 'Y' else 'N' end as PrintAccess ")
        modified.AppendFormat(", case when pa.AdminAccess = 'Y' and oa.AdminAccess = 'Y' then 'Y' else 'N' end as AdminAccess ")
        modified.AppendFormat("from ({0}) o ", MyBase.s)
        modified.AppendFormat("inner join UserOrganizationAuth oa on o.OrganizationID = oa.OrganizationID and o.VOrganizationID = oa.VOrganizationID ")
        modified.AppendFormat("inner join {0}View oa on o.UOrganizationID = oa.UOrganizationID ", authTableName)
        modified.AppendFormat("inner join UserProgramAuth pa on pa.UserID = '{0}' ", clsAuth.GetUserID())
        modified.AppendFormat("inner join Program p on pa.ProgramID = p.ProgramID ")
        modified.AppendFormat("where 1=1 ")
        modified.AppendFormat("and oa.UserID = '{0}' ", clsAuth.GetUserID())

        If Me.tableName = "" Then
            modified.AppendFormat("and p.Url = '{0}' ", clsAuth.GetProgramUrl())
        Else
            modified.AppendFormat("and p.TableName = '{0}' ", Me.tableName)
        End If

        modified.AppendFormat(") o ")

        For Each subSql As String In Me.WaitAppendList
            modified.AppendFormat(subSql)
        Next

        Me.s = modified

        Return MyBase.ToString()
    End Function

End Class
